Tod Beardsley (GCIA) |
Objective
With over ten years of experience, I'm always seeking new challenges in information security. My background is strongly based in intrusion prevention, vulnerability assessment and identification, team management, anti-fraud/anti-phishing countermeasures, intrusion detection and response, protocol analysis, and "bastion" host hardening.
Selected Publications
"Monkeyspaw: The Greasemonkey Security Professional's Automated Webthinger" (Code) 4 August, 2006
URL: http://www.planb-security.net/userscripts/#monkeyspaw
"Phishing Detection and Prevention: Practical Counter-Fraud Solutions" 15 August, 2005.
URL: http://www.planb-security.net/wp/503167-001_PhishingDetectionandPrevention.pdf
"Evolution of Phishing Attacks" 20 December, 2004.
URL: http://www.antiphishing.org/Evolution%20of%20Phishing%20Attacks.pdf
"Snacktime: A Perl Solution for Remote OS Fingerprinting." (Code) 22 June, 2003.
URL: http://www.planb-security.net/wp/snacktime.html
"Chapter 13: Windows 2000 Bastion Hosts." Building DMZs for Enterprise Networks.
Syngress Publishing (Shinder, Shimonski, et al.) May, 2003.
"Intrusion Detection and Analysis: Theory, Techniques, and Tools." 8 May, 2002.
URL: http://www.giac.org/practical/Tod_Beardsley_GCIA.pdf
Work Experience
BreakingPoint Systems | Austin, TX
(February, 2008 - Present)
Security Researcher for BreakingPoint's Strike Team
Research and Develop BreakingPoint AppSim modules for popular Internet protocols
TippingPoint Technologies, a division of 3Com | Austin, TX
(July, 2004 - February, 2008)
Senior Engineer for TippingPoint's DVLabs
Lead counter-fraud engineer, responsible for R&D for anti-phishing product enhancements
Produced exploit and vulnerability filters for the TippingPoint IPS product line
Provided third-level support and expertise to external customers and internal QA/Sales teams
Dell, Inc. | Austin, TX
(August, 2000 - July, 2004)
Lead intrusion detection analyst and engineer
Develop methods and tools for global penetration testing
Architect and deploy global vulnerability scanning and reporting infrastructure
Research, publish, and present enterprise standards for system host hardening
Vendor relations and management for enterprise security products
Source W (a Westinghouse company) | Trafford, PA
(November, 1999 - August, 2000)
Manager of first level IT support and asset management team
Maintain and expand entire networked environment and services
Backup and recovery for all company and personal data
Develop alerting infrastructure for all servers and network devices
Angstrom, Inc. | Pittsburgh, PA
(February, 1998 - November, 1999)
Secure baseline ISP services (SMTP, NNTP, IRC, customer web sites)
Onsite network and security consulting for small business customers
Telerama Public Access Internet | Pittsburgh, PA
(October, 1997 - February, 1998)
Day-to-day ISP customer and service support
Speaking Experience
TippingPoint DVCast, 2006-2008
"Weekly Digital Vaccine Podcat," a technical podcast for TippingPoint DV subscribers.
Black Hat Briefings, 2006
"Investigating Evil Websites with Monkeyspaw: The Greasemonkey Security Professional's Automated Webthinger"
RSA Conference, 2006
"Phishing: Defensive Strategies and Countermeasures"
SummerCon, 2005
"Trolling for Skank: A Phishing Primer"
Missouri State Bankers' Symposium, 2005 "Directions in Online Fraud"
Other Professional Distinctions
Founding Member of Austin Hackers Anonymous!
2005 Nominee for 3Com's "Innovator of the Year" award
Charter member of the Anti-Phishing Working Group (APWG)
http://antiphishing.org
Former advisory board member of the GIAC Certified Intrusion Analyst program (GCIA)
http://www.giac.org/GCIA_board.php
Occasional on-air security expert on KVUE-TV in Austin, TX
Civic Positions
Travis County Election Judge, 2004 - Present
Vice-President and Director of Sarah's Creek Homeowners Association, Inc. 2007 - Present
Education
University of Redlands
Major field of study: Pre-Law (1992)